auth0 5.14.0 → 5.14.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +6 -0
- data/EXAMPLES.md +1 -1
- data/Gemfile.lock +3 -3
- data/lib/auth0/mixins/validation.rb +1 -1
- data/lib/auth0/version.rb +1 -1
- data/spec/lib/auth0/mixins/validation_spec.rb +2 -2
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d567ac230e46cdb2b8ca43e044179b36d1f6980b0d605f762183e29e4d4f25be
|
|
4
|
+
data.tar.gz: 87377f3ac5970fcad124b9e0a5923a7e6c753793f0a109efd53e37c9eab43d1e
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 0bc4c08b46bb4e1d92ad32f4531b97f965bc9b1417458b24dba6ff77c05c9f7b409df62599b1068b5e527df92bb173ca359b7e122a071c6a24a5a1f8427a8943
|
|
7
|
+
data.tar.gz: a331080bb7f29d8657544da567bb1f414c0688855d6dbf0f8adeead56d7db5c0b977be2b0232346de9540e67b5b6272cd7a165ac3a3211fc80b53514dd39248f
|
data/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,11 @@
|
|
|
1
1
|
# Change Log
|
|
2
2
|
|
|
3
|
+
## [v5.14.1](https://github.com/auth0/ruby-auth0/tree/v5.14.1) (2023-07-19)
|
|
4
|
+
[Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.14.0...v5.14.1)
|
|
5
|
+
|
|
6
|
+
**Fixed**
|
|
7
|
+
- chore: should not lowercase org_name claim [\#499](https://github.com/auth0/ruby-auth0/pull/499) ([stevehobbsdev](https://github.com/stevehobbsdev))
|
|
8
|
+
|
|
3
9
|
## [v5.14.0](https://github.com/auth0/ruby-auth0/tree/v5.14.0) (2023-07-13)
|
|
4
10
|
[Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.13.0...v5.14.0)
|
|
5
11
|
|
data/EXAMPLES.md
CHANGED
|
@@ -178,7 +178,7 @@ In particular:
|
|
|
178
178
|
|
|
179
179
|
- The issuer (iss) claim should be checked to ensure the token was issued by Auth0
|
|
180
180
|
|
|
181
|
-
- the `org_id` or `org_name` claim should be checked to ensure it is a value that is already known to the application. Which claim you check depends on the organization value being validated: if it starts with `org_`, validate against the `org_id` claim. Otherwise, validate against `org_name`. Further, `org_name`
|
|
181
|
+
- the `org_id` or `org_name` claim should be checked to ensure it is a value that is already known to the application. Which claim you check depends on the organization value being validated: if it starts with `org_`, validate against the `org_id` claim. Otherwise, validate against `org_name`. Further, the value of the `org_name` claim will always be lowercase. To aid the developer experience, you may also lowercase the input organization name when checking against the `org_name`, but do not modify the `org_name` claim value.
|
|
182
182
|
|
|
183
183
|
This could be validated against a known list of organization IDs or names, or perhaps checked in conjunction with the current request URL. e.g. the sub-domain may hint at what organization should be used to validate the Access Token.
|
|
184
184
|
|
data/Gemfile.lock
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
auth0 (5.14.
|
|
4
|
+
auth0 (5.14.1)
|
|
5
5
|
addressable (~> 2.8)
|
|
6
6
|
jwt (~> 2.7)
|
|
7
7
|
rest-client (~> 2.1)
|
|
@@ -65,7 +65,7 @@ GEM
|
|
|
65
65
|
i18n (1.14.1)
|
|
66
66
|
concurrent-ruby (~> 1.0)
|
|
67
67
|
io-console (0.6.0)
|
|
68
|
-
irb (1.7.
|
|
68
|
+
irb (1.7.4)
|
|
69
69
|
reline (>= 0.3.6)
|
|
70
70
|
json (2.6.3)
|
|
71
71
|
jwt (2.7.1)
|
|
@@ -133,7 +133,7 @@ GEM
|
|
|
133
133
|
diff-lcs (>= 1.2.0, < 2.0)
|
|
134
134
|
rspec-support (~> 3.12.0)
|
|
135
135
|
rspec-support (3.12.1)
|
|
136
|
-
rubocop (1.54.
|
|
136
|
+
rubocop (1.54.2)
|
|
137
137
|
json (~> 2.3)
|
|
138
138
|
language_server-protocol (>= 3.17.0)
|
|
139
139
|
parallel (~> 1.10)
|
|
@@ -204,7 +204,7 @@ module Auth0
|
|
|
204
204
|
raise Auth0::InvalidIdToken, 'Organization Name (org_name) claim must be a string present in the ID token'
|
|
205
205
|
end
|
|
206
206
|
|
|
207
|
-
unless expected.downcase == claims['org_name']
|
|
207
|
+
unless expected.downcase == claims['org_name']
|
|
208
208
|
raise Auth0::InvalidIdToken, "Organization Name (org_name) claim value mismatch in the ID token; expected \"#{expected}\","\
|
|
209
209
|
" found \"#{claims['org_name']}\""
|
|
210
210
|
end
|
data/lib/auth0/version.rb
CHANGED
|
@@ -342,8 +342,8 @@ describe Auth0::Mixins::Validation::IdTokenValidator do
|
|
|
342
342
|
end
|
|
343
343
|
|
|
344
344
|
it 'is expected to NOT raise an error with organization name in different casing' do
|
|
345
|
-
token = build_id_token org_name: '
|
|
346
|
-
instance = Auth0::Mixins::Validation::IdTokenValidator.new(CONTEXT.merge({ organization: '
|
|
345
|
+
token = build_id_token org_name: 'my-organization'
|
|
346
|
+
instance = Auth0::Mixins::Validation::IdTokenValidator.new(CONTEXT.merge({ organization: 'MY-ORGANIZATION' }))
|
|
347
347
|
|
|
348
348
|
expect { instance.validate(token) }.not_to raise_exception
|
|
349
349
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: auth0
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 5.14.
|
|
4
|
+
version: 5.14.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Auth0
|
|
@@ -11,7 +11,7 @@ authors:
|
|
|
11
11
|
autorequire:
|
|
12
12
|
bindir: bin
|
|
13
13
|
cert_chain: []
|
|
14
|
-
date: 2023-07-
|
|
14
|
+
date: 2023-07-19 00:00:00.000000000 Z
|
|
15
15
|
dependencies:
|
|
16
16
|
- !ruby/object:Gem::Dependency
|
|
17
17
|
name: rest-client
|